Threat Actors

Question 1

An individual or entity responsible for incidents that impact security and data protection.

Answer 1

Threat Actor

Question 2

Specific characteristics or properties that define and differentiate various threat actors from one another

Answer 2

Threat Actor Attributes

Question 3

Individuals with limited technical expertise who use readily available tools like downloaded scripts or exploits to carry out attacks

Answer 3

Unskilled Attackers

Question 4

Cyber attackers who carry out their activities driven by political, social, or environmental ideologies who often want to draw attention to a specific cause

Answer 4

Hacktivists

Question 5

Well-structured groups that execute cyberattacks for financial gain, usually through methods like ransomware, identity theft, or credit card fraud

Answer 5

Organized Crime

Question 6

Highly skilled attackers that are sponsored by governments to carry out cyber espionage, sabotage, or cyber warfare against other nation states or specific targets in a variety of industries.

Answer 6

Nation-state Actors

Question 7

Security threats that originate from within the organization

Answer 7

Insider Threats

Question 8

IT systems, devices, software, applications, and services that are managed and utilized without explicit organizational approval

Answer 8

Shadow IT

Question 9

Decoy systems or servers designed to attract and deceive potential attackers, simulating real-world IT assets to study their techniques

Answer 9

Honeypots

Question 10

Creates an entire network of decoy systems to observe complex, multi-stage attacks

Answer 10

Honeynets

Question 11

Decoy files placed within systems to detect unauthorized access or data breaches

Answer 11

Honeyfiles

Question 12

Fake pieces of data, like a fabricated user credential, inserted into databases or systems to alert administrators when they are accessed or used.

Answer 12

Honeytokens

Question 13

What threat actor motivation is the unauthorized transfer of data from a computer

Answer 13

Data Exfiltration

Question 14

What threat actor motivation is one of the most common motivation for cybercriminals

Answer 14

Financial Gain

Question 15

What threat actor motivation is where the attacker obtains sensitive or compromising information about an individual or an organization and threatens to release this information to the public unless certain demands are met

Answer 15

Blackmail

Question 16

Often achieved by conducting a Distributed Denial of Service (DDoS) attack to overwhelm a network, service, or server with excessive amounts of traffic so that it becomes unavailable to its normal users

Answer 16

Service Disruption

Question 17

Individuals or groups use hacking to promote a political agenda, social change, or to protest against organizations they perceive as unethical

Answer 17

Philosophical or Political Beliefs

Question 18

Attacks that are conducted due to philosophical or political beliefs of the attackers or socially motivated purposes is known as

Answer 18

Hacktivism

Question 19

Ethical hackers, also known as Authorized hackers, are motivated by a desire to improve security

Answer 19

Ethical Reasons

Question 20

An employee who is disgruntled, or one who has recently been fired or laid off, might want to harm their current or former employer by causing a data breach, disrupting services, or leaking sensitive information

Answer 20

Revenge

Question 21

These actors, often referred to as unauthorized hackers, engage in malicious activities for the thrill of it, to challenge their skills, or simply to cause harm

Answer 21

Disruption or chaos

Question 22

Involves spying on individuals, organizations, or nations to gather sensitive or classified information

Answer 22

Espionage

Question 23

Cyberattacks have increasingly become a tool for nations to attack each other both on and off the battlefield

Answer 23

War

Question 24

Individuals or entities within an organization who pose a threat to its security.

Answer 24

Internal Threat Actors

Question 25

Individuals or groups outside an organization who attempt to breach its cybersecurity defenses

Answer 25

External Threat Actors

Question 26

Refers to the tools, skills, and personnel at the disposal of a given threat actor

Answer 26

Resources and Funding

Question 27

Refers to their technical skills, the complexity of the tools and techniques they use, and their ability to evade detection and countermeasures.

Answer 27

Level of Sophistication and Capability

Question 28

The classification name for the low skill. An individual with limited technical knowledge who uses pre-made software or scripts to exploit computer systems and networks often without understanding the underlying principles

Answer 28

Script Kiddie

Question 29

An individual who lacks the technical knowledge to develop their own hacking tools or exploits

Answer 29

Unskilled Attackers (Script Kiddie)

Question 30

Highly skilled group primarily motivated by their ideological beliefs rather than trying to achieve financial gains

Answer 30

Hacktivists

Question 31

Sophisticated and well-structured entities that leverage resources and high technical skills for illicit gain

Answer 31

Organized Cyber Crime Groups

Question 32

Sophisticated cybercrime syndicate that has been linked to numerous high-profile data breaches

Answer 32

FIN7

Question 33

Sophisticated cybercrime syndicate that has stolen over $1 billion from various banks around the world

Answer 33

Carbanak

Question 34

Groups that are sponsored by a government to conduct cyber operations against other nations, organizations, or individuals

Answer 34

Nation-State Actors

Question 35

Attack that is orchestrated in such a way that it appears to originate form a different source or group.

Answer 35

False Flag Attack

Question 36

Term that used to be used synonymously with a nation-state actor because of their long-term persistence and stealth

Answer 36

Advanced Persistent Threat

Question 37

A prolonged and targeted cyberattack in which an intruder gains unauthorized access to a network and remains undetected for a long period of time.

Answer 37

Advanced Persistent Threat